Add HAVE_SELFTEST and rng_bank SHA512 awareness

Author: kaleb-himes

configure.ac

@@ -4453,6 +4453,12 @@ AC_ARG_ENABLE([sha512-drbg],
     [ ENABLED_SHA512_DRBG=yes ]
     )
 
+# SHA-512 DRBG requires SHA-512
+if test "$ENABLED_SHA512" != "yes"
+then
+    ENABLED_SHA512_DRBG=no
+fi
+
 # SHA384
 AC_ARG_ENABLE([sha384],
     [AS_HELP_STRING([--enable-sha384],[Enable wolfSSL SHA-384 support (default: enabled)])],
@@ -6823,6 +6829,11 @@ AS_CASE([$SELFTEST_VERSION],
         AM_CFLAGS="$AM_CFLAGS -DHAVE_SELFTEST -DHAVE_PUBLIC_FFDHE"
     ])
 
+# Selftest uses its own random.c which doesn't support SHA-512 DRBG
+# or runtime DRBG disable/enable APIs
+AS_IF([test "x$ENABLED_SELFTEST" = "xyes"],
+    [ENABLED_SHA512_DRBG=no])
+
 AS_IF([test "x$ENABLED_AESXTS" = "xyes"],
       [AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_XTS -DWOLFSSL_AES_DIRECT"])
 AS_IF([test "x$ENABLED_AESXTS" = "xyes" && test "x$ENABLED_INTELASM" = "xyes"],

tests/api/test_random.c

@@ -539,7 +539,9 @@ int test_wc_RNG_HealthTest(void)
 int test_wc_RNG_HealthTest_SHA512(void)
 {
     EXPECT_DECLS;
-#if defined(HAVE_HASHDRBG) && defined(WOLFSSL_DRBG_SHA512)
+#if defined(HAVE_HASHDRBG) && defined(WOLFSSL_DRBG_SHA512) && \
+    !defined(HAVE_SELFTEST) && \
+    (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
 
     /* No-reseed test: drbgvectors_no_reseed/Hash_DRBG.rsp, [SHA-512],
      * COUNT=0 */
@@ -667,7 +669,7 @@ int test_wc_RNG_HealthTest_SHA512(void)
         test2SeedB, sizeof(test2SeedB), output, sizeof(output)), 0);
     ExpectBufEQ(test2Output, output, sizeof(output));
 
-#endif /* HAVE_HASHDRBG && WOLFSSL_DRBG_SHA512 */
+#endif /* HAVE_HASHDRBG && WOLFSSL_DRBG_SHA512 && !HAVE_SELFTEST && FIPS v7+ */
     return EXPECT_RESULT();
 }
 

wolfcrypt/benchmark/benchmark.c

@@ -969,7 +969,8 @@ static WC_INLINE void bench_append_memory_info(char* buffer, size_t size,
 /* Other */
 #define BENCH_RNG                0x00000001
 #define BENCH_SCRYPT             0x00000002
-#ifdef WOLFSSL_DRBG_SHA512
+#if defined(WOLFSSL_DRBG_SHA512) && !defined(HAVE_SELFTEST) && \
+    (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
     #define BENCH_RNG_SHA512         0x00000004
 #endif
 
@@ -1278,7 +1279,8 @@ static const bench_alg bench_other_opt[] = {
 #ifndef WC_NO_RNG
     { "-rng",                BENCH_RNG               },
 #endif
-#ifdef WOLFSSL_DRBG_SHA512
+#if defined(WOLFSSL_DRBG_SHA512) && !defined(HAVE_SELFTEST) && \
+    (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
     { "-rng-sha512",         BENCH_RNG_SHA512        },
 #endif
 #ifdef HAVE_SCRYPT
@@ -3815,7 +3817,8 @@ static void* benchmarks_do(void* args)
     if (bench_all || (bench_other_algs & BENCH_RNG))
         bench_rng();
 #endif /* WC_NO_RNG */
-#ifdef WOLFSSL_DRBG_SHA512
+#if defined(WOLFSSL_DRBG_SHA512) && !defined(HAVE_SELFTEST) && \
+    (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
     if (bench_all || (bench_other_algs & BENCH_RNG_SHA512))
         bench_rng_sha512();
 #endif
@@ -4889,15 +4892,18 @@ void bench_rng(void)
     DECLARE_MULTI_VALUE_STATS_VARS()
 
     /* Force SHA-256 DRBG by temporarily disabling SHA-512 DRBG */
-#if defined(WOLFSSL_DRBG_SHA512) && defined(WOLFSSL_DRBG_SHA256)
+#if defined(WOLFSSL_DRBG_SHA512) && !defined(HAVE_SELFTEST) && \
+    (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
+  #if defined(WOLFSSL_DRBG_SHA256)
     ret = wc_Sha512Drbg_Disable();
     if (ret != 0) {
         printf("wc_Sha512Drbg_Disable failed %d\n", ret);
         return;
     }
-#elif defined(WOLFSSL_DRBG_SHA512) && !defined(WOLFSSL_DRBG_SHA256)
+  #else
     printf("RNG SHA-256 DRBG (Skipped: Disabled)\n");
     return;
+  #endif
 #endif
 
     bench_stats_prepare();
@@ -4909,7 +4915,8 @@ void bench_rng(void)
 #endif
     if (ret < 0) {
         printf("InitRNG (SHA-256) failed %d\n", ret);
-#ifdef WOLFSSL_DRBG_SHA512
+#if defined(WOLFSSL_DRBG_SHA512) && !defined(HAVE_SELFTEST) && \
+    (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
         wc_Sha512Drbg_Enable();
 #endif
         return;
@@ -4951,13 +4958,15 @@ void bench_rng(void)
     wc_FreeRng(&myrng);
 
     /* Restore SHA-512 DRBG */
-#ifdef WOLFSSL_DRBG_SHA512
+#if defined(WOLFSSL_DRBG_SHA512) && !defined(HAVE_SELFTEST) && \
+    (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
     wc_Sha512Drbg_Enable();
 #endif
 }
 #endif /* WC_NO_RNG */
 
-#ifdef WOLFSSL_DRBG_SHA512
+#if defined(WOLFSSL_DRBG_SHA512) && !defined(HAVE_SELFTEST) && \
+    (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
 void bench_rng_sha512(void)
 {
     int    ret, i, count;
@@ -5030,7 +5039,7 @@ void bench_rng_sha512(void)
     wc_Sha256Drbg_Enable();
 #endif
 }
-#endif /* WOLFSSL_DRBG_SHA512 */
+#endif /* WOLFSSL_DRBG_SHA512 && !HAVE_SELFTEST && FIPS v7+ */
 
 #ifndef NO_AES
 

wolfcrypt/benchmark/benchmark.h

@@ -127,7 +127,10 @@ void bench_sakkeRskGen(void);
 void bench_sakkeValidate(void);
 void bench_sakke(void);
 void bench_rng(void);
+#if defined(WOLFSSL_DRBG_SHA512) && !defined(HAVE_SELFTEST) && \
+    (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
 void bench_rng_sha512(void);
+#endif
 void bench_blake2b(void);
 void bench_blake2s(void);
 void bench_ascon_hash(void);

wolfcrypt/src/random.c

@@ -1316,7 +1316,10 @@ int wc_RNG_TestSeed(const byte* seed, word32 seedSz)
 
     return ret;
 }
-/* Runtime DRBG disable/enable API */
+/* Runtime DRBG disable/enable API — only available in non-selftest and
+ * FIPS v7+ builds (older FIPS/selftest random.c doesn't have these) */
+#if !defined(HAVE_SELFTEST) && \
+    (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
 #ifndef NO_SHA256
 int wc_Sha256Drbg_Disable(void)
 {
@@ -1346,6 +1349,7 @@ int wc_Sha256Drbg_Disable(void) { return NOT_COMPILED_IN; }
 int wc_Sha256Drbg_Enable(void) { return 0; }
 int wc_Sha256Drbg_GetStatus(void) { return 1; } /* always disabled */
 #endif /* !NO_SHA256 */
+#endif /* !HAVE_SELFTEST && (!HAVE_FIPS || FIPS v7+) */
 
 #ifdef WOLFSSL_DRBG_SHA512
 int wc_Sha512Drbg_Disable(void)

wolfcrypt/src/rng_bank.c

@@ -26,6 +26,33 @@
 #include <wolfssl/wolfcrypt/random.h>
 #include <wolfssl/wolfcrypt/rng_bank.h>
 
+/* Helper to get reseedCtr from the active DRBG, regardless of SHA-256/SHA-512 */
+#ifdef WOLFSSL_DRBG_SHA512
+    #define WC_RNG_BANK_RESEED_CTR(rng_ptr) \
+        (((rng_ptr)->drbgType == WC_DRBG_SHA512) \
+            ? ((struct DRBG_SHA512_internal *)(rng_ptr)->drbg512)->reseedCtr \
+            : ((struct DRBG_internal *)(rng_ptr)->drbg)->reseedCtr)
+    #define WC_RNG_BANK_SET_RESEED_CTR(rng_ptr, val) \
+        do { \
+            if ((rng_ptr)->drbgType == WC_DRBG_SHA512) \
+                ((struct DRBG_SHA512_internal *)(rng_ptr)->drbg512)->reseedCtr \
+                    = (val); \
+            else \
+                ((struct DRBG_internal *)(rng_ptr)->drbg)->reseedCtr = (val); \
+        } while (0)
+    #define WC_RNG_BANK_DRBG_NULL(rng_ptr) \
+        ((rng_ptr)->drbg == NULL && (rng_ptr)->drbg512 == NULL)
+#else
+    #define WC_RNG_BANK_RESEED_CTR(rng_ptr) \
+        (((struct DRBG_internal *)(rng_ptr)->drbg)->reseedCtr)
+    #define WC_RNG_BANK_SET_RESEED_CTR(rng_ptr, val) \
+        do { \
+            ((struct DRBG_internal *)(rng_ptr)->drbg)->reseedCtr = (val); \
+        } while (0)
+    #define WC_RNG_BANK_DRBG_NULL(rng_ptr) \
+        ((rng_ptr)->drbg == NULL)
+#endif
+
 WOLFSSL_API int wc_rng_bank_init(
     struct wc_rng_bank *ctx,
     int n_rngs,
@@ -343,7 +370,7 @@ WOLFSSL_API int wc_rng_bank_checkout(
             *rng_inst = &bank->rngs[preferred_inst_offset];
 
             if ((! (flags & WC_RNG_BANK_FLAG_CAN_WAIT)) &&
-                (((struct DRBG_internal *)(*rng_inst)->rng.drbg)->reseedCtr >=
+                (WC_RNG_BANK_RESEED_CTR(&(*rng_inst)->rng) >=
                  WC_RESEED_INTERVAL) &&
                 (flags & WC_RNG_BANK_FLAG_CAN_FAIL_OVER_INST) &&
                 (n_rngs_tried < bank->n_rngs))
@@ -353,7 +380,7 @@ WOLFSSL_API int wc_rng_bank_checkout(
             else {
 #ifdef WC_VERBOSE_RNG
                 if ((! (flags & WC_RNG_BANK_FLAG_CAN_WAIT)) &&
-                    (((struct DRBG_internal *)(*rng_inst)->rng.drbg)->reseedCtr >=
+                    (WC_RNG_BANK_RESEED_CTR(&(*rng_inst)->rng) >=
                      WC_RESEED_INTERVAL))
                 {
                     WOLFSSL_DEBUG_PRINTF(
@@ -484,7 +511,7 @@ WOLFSSL_API int wc_rng_bank_inst_reinit(
     int devId;
 
     if ((rng_inst == NULL) ||
-        (rng_inst->rng.drbg == NULL))
+        WC_RNG_BANK_DRBG_NULL(&rng_inst->rng))
     {
         return BAD_FUNC_ARG;
     }
@@ -561,7 +588,7 @@ WOLFSSL_API int wc_rng_bank_seed(struct wc_rng_bank *bank,
 #endif
             break;
         }
-        else if (drbg->rng.drbg == NULL) {
+        else if (WC_RNG_BANK_DRBG_NULL(&drbg->rng)) {
 #ifdef WC_VERBOSE_RNG
             WOLFSSL_DEBUG_PRINTF(
                 "WARNING: wc_rng_bank_seed(): inst#%d has null .drbg.\n", n);
@@ -612,8 +639,7 @@ WOLFSSL_API int wc_rng_bank_reseed(struct wc_rng_bank *bank,
         if (ret != 0)
             return ret;
 
-        ((struct DRBG_internal *)drbg->rng.drbg)->reseedCtr =
-            WC_RESEED_INTERVAL;
+        WC_RNG_BANK_SET_RESEED_CTR(&drbg->rng, WC_RESEED_INTERVAL);
 
         if (flags & WC_RNG_BANK_FLAG_CAN_WAIT) {
             byte scratch[4];

wolfcrypt/test/test.c

@@ -20143,7 +20143,8 @@ static wc_test_ret_t _rng_test(WC_RNG* rng)
         WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
     {
 #endif
-    #ifdef WOLFSSL_DRBG_SHA512
+    #if defined(WOLFSSL_DRBG_SHA512) && !defined(HAVE_SELFTEST) && \
+        (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
         if (rng->drbgType == WC_DRBG_SHA512) {
             ((struct DRBG_SHA512_internal *)rng->drbg512)->reseedCtr =
                 WC_RESEED_INTERVAL;
@@ -20159,7 +20160,8 @@ static wc_test_ret_t _rng_test(WC_RNG* rng)
         if (ret != 0)
             return WC_TEST_RET_ENC_EC(ret);
 
-    #ifdef WOLFSSL_DRBG_SHA512
+    #if defined(WOLFSSL_DRBG_SHA512) && !defined(HAVE_SELFTEST) && \
+        (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
         if (rng->drbgType == WC_DRBG_SHA512) {
             if (((struct DRBG_SHA512_internal *)rng->drbg512)->reseedCtr ==
                     WC_RESEED_INTERVAL)
@@ -20492,7 +20494,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t random_test(void)
     if (XMEMCMP(test2Output, output, sizeof(output)) != 0)
         return WC_TEST_RET_ENC_NC;
 
-#ifdef WOLFSSL_DRBG_SHA512
+#if defined(WOLFSSL_DRBG_SHA512) && !defined(HAVE_SELFTEST) && \
+    (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
     /* SHA-512 DRBG Health Tests using NIST CAVP test vectors.
      * Source: NIST CAVP drbgtestvectors.zip, Hash_DRBG.rsp, [SHA-512],
      * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-
@@ -20633,7 +20636,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t random_test(void)
         if (XMEMCMP(sha512test2Output, output512, sizeof(output512)) != 0)
             return WC_TEST_RET_ENC_NC;
     }
-#endif /* WOLFSSL_DRBG_SHA512 */
+#endif /* WOLFSSL_DRBG_SHA512 && !HAVE_SELFTEST && FIPS v7+ */
 
     /* Basic RNG generate block test */
     if ((ret = random_rng_test()) != 0)
@@ -20855,8 +20858,20 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t random_bank_test(void)
         ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
 
     for (i = 0; i < bank->n_rngs; ++i) {
+    #if defined(WOLFSSL_DRBG_SHA512) && !defined(HAVE_SELFTEST) && \
+        (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
+        word64 bankReseedCtr;
+        if (bank->rngs[i].rng.drbgType == WC_DRBG_SHA512)
+            bankReseedCtr = ((struct DRBG_SHA512_internal *)
+                bank->rngs[i].rng.drbg512)->reseedCtr;
+        else
+            bankReseedCtr = ((struct DRBG_internal *)
+                bank->rngs[i].rng.drbg)->reseedCtr;
+        if (bankReseedCtr != WC_RESEED_INTERVAL)
+    #else
         if (((struct DRBG_internal *)bank->rngs[i].rng.drbg)
             ->reseedCtr != WC_RESEED_INTERVAL)
+    #endif
         {
             ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
         }

wolfssl/wolfcrypt/random.h

@@ -482,7 +482,8 @@ WOLFSSL_API int  wc_FreeRng(WC_RNG* rng);
                                         const byte* seedB, word32 seedBSz,
                                         byte* output, word32 outputSz,
                                         void* heap, int devId);
-#ifdef WOLFSSL_DRBG_SHA512
+#if defined(WOLFSSL_DRBG_SHA512) && !defined(HAVE_SELFTEST) && \
+    (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
     WOLFSSL_API int wc_RNG_HealthTest_SHA512(int reseed,
                                         const byte* seedA, word32 seedASz,
                                         const byte* seedB, word32 seedBSz,
@@ -499,9 +500,11 @@ WOLFSSL_API int  wc_FreeRng(WC_RNG* rng);
                                             word32 additionalBSz,
                                         byte* output, word32 outputSz,
                                         void* heap, int devId);
-#endif /* WOLFSSL_DRBG_SHA512 */
+#endif /* WOLFSSL_DRBG_SHA512 && !HAVE_SELFTEST && FIPS v7+ */
 
     /* Runtime DRBG disable/enable API */
+#if !defined(HAVE_SELFTEST) && \
+    (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
     WOLFSSL_API int wc_Sha256Drbg_Disable(void);
     WOLFSSL_API int wc_Sha256Drbg_Enable(void);
     WOLFSSL_API int wc_Sha256Drbg_GetStatus(void);
@@ -510,6 +513,7 @@ WOLFSSL_API int  wc_FreeRng(WC_RNG* rng);
     WOLFSSL_API int wc_Sha512Drbg_Enable(void);
     WOLFSSL_API int wc_Sha512Drbg_GetStatus(void);
 #endif
+#endif /* !HAVE_SELFTEST && (!HAVE_FIPS || FIPS v7+) */
 
 #endif /* HAVE_HASHDRBG */